Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/DXXiRhf4GnY2ib21jziLkOnvPSM.roa
File: DXXiRhf4GnY2ib21jziLkOnvPSM.roa (raw, json)
Hash identifier: bTa7YdOt3lnl13BNcTDROxgQi8JawDLMLWBKFJSSfdo=
Subject key identifier: 0D:75:E2:46:17:F8:1A:76:36:89:BD:B5:8F:38:8B:90:E9:EF:3D:23
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019A06220133C82DB457D64E6565D2AAF9EA
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/DXXiRhf4GnY2ib21jziLkOnvPSM.roa
Signing time: Tue 21 Oct 2025 09:38:03 +0000
ROA not before: Tue 21 Oct 2025 09:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
5.187.33.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.48.0/24 maxlen: 24
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.151.0/24 maxlen: 24
83.172.153.0/24 maxlen: 24
83.172.169.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.40.105.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.3.0/24 maxlen: 24
188.190.6.0/24 maxlen: 24
188.211.166.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
213.111.177.0/24 maxlen: 24
213.111.182.0/24 maxlen: 24
213.111.183.0/24 maxlen: 24
213.111.184.0/24 maxlen: 24
213.111.186.0/24 maxlen: 24
213.111.187.0/24 maxlen: 24
213.111.188.0/24 maxlen: 24
213.111.191.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:ed91::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:22:01:33:c8:2d:b4:57:d6:4e:65:65:d2:aa:f9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 21 09:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d75e24617f81a763689bdb58f388b90e9ef3d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:dd:ec:26:7f:34:aa:98:72:91:da:37:02:
3e:d3:6c:64:bd:d9:76:8d:d1:45:10:b0:58:d7:51:
09:8c:e2:dc:af:8b:fe:17:81:1c:ec:8d:f8:31:7a:
21:1f:95:be:22:2a:20:9f:ce:4b:7f:f5:3e:ab:6f:
51:28:de:ad:0e:0c:6c:43:d1:9a:5c:43:10:d2:f7:
63:76:c9:e9:a6:11:13:2d:23:c1:1b:98:fc:e8:99:
60:40:2d:bd:fd:8f:6e:db:0a:ce:cb:99:8d:1b:83:
9d:11:8b:cf:ba:86:45:21:a4:21:36:d7:5a:93:88:
56:99:cc:87:87:6a:2e:cc:2f:ff:9a:ec:03:c5:e4:
30:0e:aa:1f:6a:87:af:0a:be:f6:50:85:25:16:68:
96:5c:72:17:44:b2:23:5a:53:94:90:30:d1:9a:7c:
a7:95:8a:e7:1b:56:c0:46:b2:11:73:6f:77:48:ba:
d7:32:31:2d:c7:78:71:48:55:e9:85:c2:6a:5e:14:
49:c4:9f:a3:02:b6:cc:05:1e:fe:27:06:0d:7d:f5:
26:93:9b:27:0a:e5:dc:5e:bd:20:e8:36:ca:6a:81:
22:5b:3f:49:9d:38:58:1c:68:15:68:76:02:3b:61:
bb:bc:3b:a9:85:44:16:15:fe:33:07:8a:37:82:cf:
01:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:75:E2:46:17:F8:1A:76:36:89:BD:B5:8F:38:8B:90:E9:EF:3D:23
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/DXXiRhf4GnY2ib21jziLkOnvPSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
5.187.33.0/24
37.235.48.0/20
45.153.125.0/24
46.183.187.0/24
83.172.134.0/23
83.172.150.0/23
83.172.153.0/24
83.172.169.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.40.105.0/24
89.46.235.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.204.0/23
103.57.249.0-103.57.250.255
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
176.126.99.0/24
185.26.236.0-185.26.238.255
185.122.184.0/24
185.193.51.0/24
185.195.65.0/24
188.190.1.0/24
188.190.3.0/24
188.190.6.0/24
188.211.166.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
193.3.55.0/24
213.111.177.0/24
213.111.182.0-213.111.184.255
213.111.186.0-213.111.188.255
213.111.191.0/24
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::-2a03:f80:32:ffff:ffff:ffff:ffff:ffff
2a03:f80:48::/48
2a03:f80:56::/47
2a03:f80:61::/48
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::-2a03:f80:359:ffff:ffff:ffff:ffff:ffff
2a03:f80:370::/47
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f80:ed91::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
9b:03:71:c9:1d:8e:25:fa:41:dc:bd:6e:47:40:6e:3c:d4:0b:
7f:8a:52:b8:de:09:10:cb:c5:55:6a:e3:43:47:bb:ef:93:d0:
15:f8:a9:df:cc:c7:98:e3:85:8e:18:4d:9a:c4:2c:35:4d:82:
a6:0c:69:9b:90:b4:c2:5b:bf:03:a8:a0:53:f2:30:67:90:0a:
38:b0:8a:35:1f:32:c9:98:fd:0d:c4:2e:45:4e:a8:a7:b2:c2:
2c:df:01:92:70:b8:25:cd:8c:ac:24:a4:c7:9b:49:ba:4d:a9:
29:c9:8f:01:f6:a3:ab:7f:ed:9e:ab:49:e3:6c:82:f9:98:ef:
56:87:49:a4:4a:0f:07:74:f4:73:e6:24:18:64:76:c5:07:69:
22:1b:c1:a8:d2:eb:c3:31:b3:9e:72:f5:db:2a:68:44:d1:e6:
99:70:4d:20:63:50:07:b6:19:48:be:9f:dd:ea:7f:8d:2c:b8:
48:37:ba:cf:66:39:0d:67:72:d3:28:23:a2:71:9f:0a:db:f8:
7b:d4:c1:8b:9c:27:b9:e8:87:59:03:e5:95:20:a1:22:36:12:
dd:22:4d:73:f8:a3:bc:01:db:2f:a2:aa:27:5b:e2:58:aa:f5:
c6:2b:56:ce:5a:a6:4b:5c:96:79:19:9d:cd:9c:e2:59:4c:ca:
56:b5:4a:d5
-----BEGIN CERTIFICATE-----
MIIHBzCCBe+gAwIBAgISAZoGIgEzyC20V9ZOZWXSqvnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUxMDIxMDkzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc1ZTI0NjE3ZjgxYTc2MzY4OWJkYjU4ZjM4OGI5MGU5ZWYzZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/7d7CZ/NKqYcpHaNwI+02xkvdl2
jdFFELBY11EJjOLcr4v+F4Ec7I34MXohH5W+Iiogn85Lf/U+q29RKN6tDgxsQ9Ga
XEMQ0vdjdsnpphETLSPBG5j86JlgQC29/Y9u2wrOy5mNG4OdEYvPuoZFIaQhNtda
k4hWmcyHh2ouzC//muwDxeQwDqofaoevCr72UIUlFmiWXHIXRLIjWlOUkDDRmnyn
lYrnG1bARrIRc293SLrXMjEtx3hxSFXphcJqXhRJxJ+jArbMBR7+JwYNffUmk5sn
CuXcXr0g6DbKaoEiWz9JnThYHGgVaHYCO2G7vDuphUQWFf4zB4o3gs8BNQIDAQAB
o4IEEzCCBA8wHQYDVR0OBBYEFA114kYX+Bp2Nom9tY84i5Dp7z0jMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvRFhYaVJoZjRHblkyaWIyMWp6aUxrT252UFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICJwYIKwYBBQUHAQcBAf8EggIWMIICEjCCAUoEAgABMIIB
QgMEAAW0cgMEAAW7IQMEBCXrMAMEAC2ZfQMEAC63uwMEAVOshgMEAVOslgMEAFOs
mQMEAFOsqQMEAFPzeAMEAVPzegMEAFT3PQMEAFZqdwMEAFkfewMEAFkoaQMEAFku
6wMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQgMEAV+czDAMAwQAZzn5AwQAZzn6AwQA
hv/SMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AMEALB+YzAMAwQC
uRrsAwQAuRruAwQAuXq4AwQAucEzAwQAucNBAwQAvL4BAwQAvL4DAwQAvL4GAwQA
vNOmMAwDBAC81iEDBAC81iIDBAG81iYDBADBAzcDBADVb7EwDAMEAdVvtgMEANVv
uDAMAwQB1W+6AwQA1W+8AwQA1W+/MAwDBAHVtzYDBAHVtzgwgcEEAgACMIG6AwcA
KgMPgAAHMBIDBwAqAw+AADEDBwAqAw+AADIDBwAqAw+AAEgDBwEqAw+AAFYDBwAq
Aw+AAGEDBwAqAw+AAHADBwAqAw+AA1QwEgMHACoDD4ADVwMHASoDD4ADWAMHASoD
D4ADcAMHACoDD4A5kQMHACoDD4CtFTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMP
gO0xAwcAKgMPgO1RAwcAKgMPgO2RAwcAKgMPgqvNAwcAKgMPh///MA0GCSqGSIb3
DQEBCwUAA4IBAQCbA3HJHY4l+kHcvW5HQG481At/ilK43gkQy8VVauNDR7vvk9AV
+KnfzMeY44WOGE2axCw1TYKmDGmbkLTCW78DqKBT8jBnkAo4sIo1HzLJmP0NxC5F
TqinssIs3wGScLglzYysJKTHm0m6TakpyY8B9qOrf+2eq0njbIL5mO9Wh0mkSg8H
dPRz5iQYZHbFB2kiG8Go0uvDMbOecvXbKmhE0eaZcE0gY1AHthlIvp/d6n+NLLhI
N7rPZjkNZ3LTKCOicZ8K2/h71MGLnCe56IdZA+WVIKEiNhLdIk1z+KO8Adsvoqon
W+JYqvXGK1bOWqZLXJZ5GZ3NnOJZTMpWtUrV
-----END CERTIFICATE-----
Generated at Fri Oct 24 09:17:44 2025 by rpki-client